package cn.ustb.controller;

import cn.ustb.entity.User;
import cn.ustb.service.UserService;
import cn.ustb.serviceImpl.UserServiceImpl;
import java.io.IOException;
import java.util.Locale;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import static cn.ustb.util.MD5WithSaltUtil.verifySaltPassword;

/**
 * 登录转发
 * 获取登录用户的信息，并判断登录用户的身份
 * 根据用户的身份转到对应的用户页面
 * @author ljy
 */
@WebServlet("/loginServlet")
public class loginServlet extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        //获取网页请求参数username和password
        HttpSession session = req.getSession();
        String code = req.getParameter("CHECK_CODE_PARAM_NAME");
        String codePost = (String) req.getSession().getAttribute(ValidateColorServlet.CHECK_CODE_KEY);
        codePost = codePost.toLowerCase(Locale.ROOT);
        code = code.toLowerCase(Locale.ROOT);
        if (!codePost.equals(code)){
            String message = "验证码错误";
            session.setAttribute("message", message);
            resp.sendRedirect(req.getContextPath() + "/login.jsp");
            return;
        }
        String username = req.getParameter("username");
        String password=req.getParameter("password");
        //从数据库获取登录账号信息
        UserService userService=new UserServiceImpl();
        User user=userService.getUserName(username);
        //将查到的user放进session中
        if(user != null){
            String state = user.getIdentity();
            req.getSession().setAttribute("user", user);
            //获取数据库中user的密码
            String userPassword = user.getPassword();
            //根据登录账号的身份不同重定向到不同的页面
            if("学生".equals(state)){
                //核对密码
//                if(password.equals(userPassword)){
                if(verifySaltPassword(password, userPassword)){
                    resp.sendRedirect(req.getContextPath() + "/studentInformationServlet.do");
                }else{
                    //密码错误报错
                    resp.sendRedirect(req.getContextPath() + "/password_error.jsp");
                }
            }else if("教师".equals(state)){
                //核对密码
                if(verifySaltPassword(password, userPassword)){
                    resp.sendRedirect(req.getContextPath() + "/teacherInformationServlet.do");
                }else{
                    //密码错误报错
                    resp.sendRedirect(req.getContextPath() + "/password_error.jsp");
                }
            }
        }else{
            //用户不存在报错
            resp.sendRedirect(req.getContextPath() + "/error.jsp");
        }
    }
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }
}
